aws-sdk-guardduty 1.107.0 → 1.109.0

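--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 854873401858e098e0ff72c0ae6ead8441db9dbc411cd9fcfcae7cb0509e630d
- data.tar.gz: 64105ff6e676df62eb72baa459eff8b596ec430211850cd4d994faaff95dea64
+ metadata.gz: 4144b58fd8c227c46907bb8b9eb5e88b95e494b9fcb70b99aad1bb713d3883e0
+ data.tar.gz: c0409cefa3900a39acfb545a71dfe35d5cd6e55d8aa4a585708f4148d18ff697
  SHA512:
- metadata.gz: b80fb4809cdbdcada212c8a6d224a09b54dbfa92f8a41302d03e876abe20ed9b7d303a0165ddf7223bde66cebc13627063705022ff2f7e4e36a99dc82cb39c84
- data.tar.gz: 8ea2c700244d412f3856c6854b8c5980625730876a28a738afcaa961b0f0bf5648f89b1f0e4374eca9e6c62aa67b924a6d378d888a529cc6e1b9b31b534e9098
+ metadata.gz: 3cbb78cd0043cb6bae9d4019d9daa557f24cc428c9f6ee3f8838182b689c37af65e72aef8b98fae05208e19c4712b0e556bca0a498d3c9907bade325b630272e
+ data.tar.gz: 7c5ce7c8a2ad9a9704a04c089b8d19064e63a764d0034e9eb93f51f0e2834ce53dec7dc70ada2107fffe94d9db1d33da3cfa53f9a61f0d3afa7a22e8b8376a5e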
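--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,6 +1,16 @@
  Unreleased Changes
  ------------------
 
+ 1.109.0 (2024-12-12)
+ ------------------
+
+ * Feature - Improved descriptions for certain APIs.
+
+ 1.108.0 (2024-12-02)
+ ------------------
+
+ * Feature - Add new Multi Domain Correlation findings.
+
  1.107.0 (2024-11-18)
  ------------------
 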
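--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
- 1.107.0
+ 1.109.0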
@@ -740,9 +740,11 @@ module Aws::GuardDuty
740
740
  #
741
741
  # * **Medium**: `["4", "5", "6"]`
742
742
  #
743
- # * **High**: `["7", "8", "9"]`
744
- # For more information, see [Severity levels for GuardDuty
745
- # findings][2].
743
+ # * **High**: `["7", "8"]`
744
+ #
745
+ # * **Critical**: `["9", "10"]`
746
+ # For more information, see [Findings severity levels][2] in the
747
+ # *Amazon GuardDuty User Guide*.
746
748
  #
747
749
  # * type
748
750
  #
@@ -933,7 +935,7 @@ module Aws::GuardDuty
933
935
  #
934
936
  #
935
937
  # [1]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_FindingCriteria.html
936
- # [2]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings.html#guardduty_findings-severity
938
+ # [2]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings-severity.html
937
939
  #
938
940
  # @option params [String] :client_token
939
941
  # The idempotency token for the create request.
@@ -2877,6 +2879,117 @@ module Aws::GuardDuty
2877
2879
  # resp.findings[0].service.detection.anomaly.unusual.behavior["String"]["String"].profile_subtype #=> String, one of "FREQUENT", "INFREQUENT", "UNSEEN", "RARE"
2878
2880
  # resp.findings[0].service.detection.anomaly.unusual.behavior["String"]["String"].observations.text #=> Array
2879
2881
  # resp.findings[0].service.detection.anomaly.unusual.behavior["String"]["String"].observations.text[0] #=> String
2882
+ # resp.findings[0].service.detection.sequence.uid #=> String
2883
+ # resp.findings[0].service.detection.sequence.description #=> String
2884
+ # resp.findings[0].service.detection.sequence.actors #=> Array
2885
+ # resp.findings[0].service.detection.sequence.actors[0].id #=> String
2886
+ # resp.findings[0].service.detection.sequence.actors[0].user.name #=> String
2887
+ # resp.findings[0].service.detection.sequence.actors[0].user.uid #=> String
2888
+ # resp.findings[0].service.detection.sequence.actors[0].user.type #=> String
2889
+ # resp.findings[0].service.detection.sequence.actors[0].user.credential_uid #=> String
2890
+ # resp.findings[0].service.detection.sequence.actors[0].user.account.uid #=> String
2891
+ # resp.findings[0].service.detection.sequence.actors[0].user.account.name #=> String
2892
+ # resp.findings[0].service.detection.sequence.actors[0].session.uid #=> String
2893
+ # resp.findings[0].service.detection.sequence.actors[0].session.mfa_status #=> String, one of "ENABLED", "DISABLED"
2894
+ # resp.findings[0].service.detection.sequence.actors[0].session.created_time #=> Time
2895
+ # resp.findings[0].service.detection.sequence.actors[0].session.issuer #=> String
2896
+ # resp.findings[0].service.detection.sequence.resources #=> Array
2897
+ # resp.findings[0].service.detection.sequence.resources[0].uid #=> String
2898
+ # resp.findings[0].service.detection.sequence.resources[0].name #=> String
2899
+ # resp.findings[0].service.detection.sequence.resources[0].account_id #=> String
2900
+ # resp.findings[0].service.detection.sequence.resources[0].resource_type #=> String, one of "EC2_INSTANCE", "EC2_NETWORK_INTERFACE", "S3_BUCKET", "S3_OBJECT", "ACCESS_KEY"
2901
+ # resp.findings[0].service.detection.sequence.resources[0].region #=> String
2902
+ # resp.findings[0].service.detection.sequence.resources[0].service #=> String
2903
+ # resp.findings[0].service.detection.sequence.resources[0].cloud_partition #=> String
2904
+ # resp.findings[0].service.detection.sequence.resources[0].tags #=> Array
2905
+ # resp.findings[0].service.detection.sequence.resources[0].tags[0].key #=> String
2906
+ # resp.findings[0].service.detection.sequence.resources[0].tags[0].value #=> String
2907
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.owner_id #=> String
2908
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.created_at #=> Time
2909
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.encryption_type #=> String
2910
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.encryption_key_arn #=> String
2911
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.effective_permission #=> String
2912
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.public_read_access #=> String, one of "BLOCKED", "ALLOWED"
2913
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.public_write_access #=> String, one of "BLOCKED", "ALLOWED"
2914
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.account_public_access.public_acl_access #=> String, one of "BLOCKED", "ALLOWED"
2915
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.account_public_access.public_policy_access #=> String, one of "BLOCKED", "ALLOWED"
2916
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.account_public_access.public_acl_ignore_behavior #=> String, one of "IGNORED", "NOT_IGNORED"
2917
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.account_public_access.public_bucket_restrict_behavior #=> String, one of "RESTRICTED", "NOT_RESTRICTED"
2918
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.bucket_public_access.public_acl_access #=> String, one of "BLOCKED", "ALLOWED"
2919
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.bucket_public_access.public_policy_access #=> String, one of "BLOCKED", "ALLOWED"
2920
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.bucket_public_access.public_acl_ignore_behavior #=> String, one of "IGNORED", "NOT_IGNORED"
2921
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.bucket_public_access.public_bucket_restrict_behavior #=> String, one of "RESTRICTED", "NOT_RESTRICTED"
2922
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.s3_object_uids #=> Array
2923
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.s3_object_uids[0] #=> String
2924
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_instance.availability_zone #=> String
2925
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_instance.image_description #=> String
2926
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_instance.instance_state #=> String
2927
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_instance.iam_instance_profile.arn #=> String
2928
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_instance.iam_instance_profile.id #=> String
2929
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_instance.instance_type #=> String
2930
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_instance.outpost_arn #=> String
2931
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_instance.platform #=> String
2932
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_instance.product_codes #=> Array
2933
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_instance.product_codes[0].code #=> String
2934
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_instance.product_codes[0].product_type #=> String
2935
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_instance.ec2_network_interface_uids #=> Array
2936
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_instance.ec2_network_interface_uids[0] #=> String
2937
+ # resp.findings[0].service.detection.sequence.resources[0].data.access_key.principal_id #=> String
2938
+ # resp.findings[0].service.detection.sequence.resources[0].data.access_key.user_name #=> String
2939
+ # resp.findings[0].service.detection.sequence.resources[0].data.access_key.user_type #=> String
2940
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_network_interface.ipv_6_addresses #=> Array
2941
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_network_interface.ipv_6_addresses[0] #=> String
2942
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_network_interface.private_ip_addresses #=> Array
2943
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_network_interface.private_ip_addresses[0].private_dns_name #=> String
2944
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_network_interface.private_ip_addresses[0].private_ip_address #=> String
2945
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_network_interface.public_ip #=> String
2946
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_network_interface.security_groups #=> Array
2947
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_network_interface.security_groups[0].group_id #=> String
2948
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_network_interface.security_groups[0].group_name #=> String
2949
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_network_interface.sub_net_id #=> String
2950
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_network_interface.vpc_id #=> String
2951
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_object.etag #=> String
2952
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_object.key #=> String
2953
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_object.version_id #=> String
2954
+ # resp.findings[0].service.detection.sequence.endpoints #=> Array
2955
+ # resp.findings[0].service.detection.sequence.endpoints[0].id #=> String
2956
+ # resp.findings[0].service.detection.sequence.endpoints[0].ip #=> String
2957
+ # resp.findings[0].service.detection.sequence.endpoints[0].domain #=> String
2958
+ # resp.findings[0].service.detection.sequence.endpoints[0].port #=> Integer
2959
+ # resp.findings[0].service.detection.sequence.endpoints[0].location.city #=> String
2960
+ # resp.findings[0].service.detection.sequence.endpoints[0].location.country #=> String
2961
+ # resp.findings[0].service.detection.sequence.endpoints[0].location.latitude #=> Float
2962
+ # resp.findings[0].service.detection.sequence.endpoints[0].location.longitude #=> Float
2963
+ # resp.findings[0].service.detection.sequence.endpoints[0].autonomous_system.name #=> String
2964
+ # resp.findings[0].service.detection.sequence.endpoints[0].autonomous_system.number #=> Integer
2965
+ # resp.findings[0].service.detection.sequence.endpoints[0].connection.direction #=> String, one of "INBOUND", "OUTBOUND"
2966
+ # resp.findings[0].service.detection.sequence.signals #=> Array
2967
+ # resp.findings[0].service.detection.sequence.signals[0].uid #=> String
2968
+ # resp.findings[0].service.detection.sequence.signals[0].type #=> String, one of "FINDING", "CLOUD_TRAIL", "S3_DATA_EVENTS"
2969
+ # resp.findings[0].service.detection.sequence.signals[0].description #=> String
2970
+ # resp.findings[0].service.detection.sequence.signals[0].name #=> String
2971
+ # resp.findings[0].service.detection.sequence.signals[0].created_at #=> Time
2972
+ # resp.findings[0].service.detection.sequence.signals[0].updated_at #=> Time
2973
+ # resp.findings[0].service.detection.sequence.signals[0].first_seen_at #=> Time
2974
+ # resp.findings[0].service.detection.sequence.signals[0].last_seen_at #=> Time
2975
+ # resp.findings[0].service.detection.sequence.signals[0].severity #=> Float
2976
+ # resp.findings[0].service.detection.sequence.signals[0].count #=> Integer
2977
+ # resp.findings[0].service.detection.sequence.signals[0].resource_uids #=> Array
2978
+ # resp.findings[0].service.detection.sequence.signals[0].resource_uids[0] #=> String
2979
+ # resp.findings[0].service.detection.sequence.signals[0].actor_ids #=> Array
2980
+ # resp.findings[0].service.detection.sequence.signals[0].actor_ids[0] #=> String
2981
+ # resp.findings[0].service.detection.sequence.signals[0].endpoint_ids #=> Array
2982
+ # resp.findings[0].service.detection.sequence.signals[0].endpoint_ids[0] #=> String
2983
+ # resp.findings[0].service.detection.sequence.signals[0].signal_indicators #=> Array
2984
+ # resp.findings[0].service.detection.sequence.signals[0].signal_indicators[0].key #=> String, one of "SUSPICIOUS_USER_AGENT", "SUSPICIOUS_NETWORK", "MALICIOUS_IP", "TOR_IP", "ATTACK_TACTIC", "HIGH_RISK_API", "ATTACK_TECHNIQUE", "UNUSUAL_API_FOR_ACCOUNT", "UNUSUAL_ASN_FOR_ACCOUNT", "UNUSUAL_ASN_FOR_USER"
2985
+ # resp.findings[0].service.detection.sequence.signals[0].signal_indicators[0].values #=> Array
2986
+ # resp.findings[0].service.detection.sequence.signals[0].signal_indicators[0].values[0] #=> String
2987
+ # resp.findings[0].service.detection.sequence.signals[0].signal_indicators[0].title #=> String
2988
+ # resp.findings[0].service.detection.sequence.sequence_indicators #=> Array
2989
+ # resp.findings[0].service.detection.sequence.sequence_indicators[0].key #=> String, one of "SUSPICIOUS_USER_AGENT", "SUSPICIOUS_NETWORK", "MALICIOUS_IP", "TOR_IP", "ATTACK_TACTIC", "HIGH_RISK_API", "ATTACK_TECHNIQUE", "UNUSUAL_API_FOR_ACCOUNT", "UNUSUAL_ASN_FOR_ACCOUNT", "UNUSUAL_ASN_FOR_USER"
2990
+ # resp.findings[0].service.detection.sequence.sequence_indicators[0].values #=> Array
2991
+ # resp.findings[0].service.detection.sequence.sequence_indicators[0].values[0] #=> String
2992
+ # resp.findings[0].service.detection.sequence.sequence_indicators[0].title #=> String
2880
2993
  # resp.findings[0].service.malware_scan_details.threats #=> Array
2881
2994
  # resp.findings[0].service.malware_scan_details.threats[0].name #=> String
2882
2995
  # resp.findings[0].service.malware_scan_details.threats[0].source #=> String
@@ -2887,6 +3000,7 @@ module Aws::GuardDuty
2887
3000
  # resp.findings[0].title #=> String
2888
3001
  # resp.findings[0].type #=> String
2889
3002
  # resp.findings[0].updated_at #=> String
3003
+ # resp.findings[0].associated_attack_sequence_arn #=> String
2890
3004
  #
2891
3005
  # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetFindings AWS API Documentation
2892
3006
  #
@@ -5216,8 +5330,10 @@ module Aws::GuardDuty
5216
5330
  # [1]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html
5217
5331
  #
5218
5332
  # @option params [Boolean] :auto_enable
5219
- # Represents whether or not to automatically enable member accounts in
5220
- # the organization.
5333
+ # Represents whether to automatically enable member accounts in the
5334
+ # organization. This applies to only new member accounts, not the
5335
+ # existing member accounts. When a new account joins the organization,
5336
+ # the chosen features will be enabled for them by default.
5221
5337
  #
5222
5338
  # Even though this is still supported, we recommend using
5223
5339
  # `AutoEnableOrganizationMembers` to achieve the similar results. You
@@ -5418,7 +5534,7 @@ module Aws::GuardDuty
5418
5534
  tracer: tracer
5419
5535
  )
5420
5536
  context[:gem_name] = 'aws-sdk-guardduty'
5421
- context[:gem_version] = '1.107.0'
5537
+ context[:gem_version] = '1.109.0'
5422
5538
  Seahorse::Client::Request.new(handlers, context)
5423
5539
  end
5424
5540
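Review bot: The severity list in the `@@ -740,9 +740,11 @@` hunk narrows **High** to `["7", "8"]` and adds **Critical** `["9", "10"]`, but it does not say that criteria written against the earlier High range `["7", "8", "9"]` no longer line up with the documented bands. A saved filter or alert rule built from the previous comment would presumably still treat 9 as High and would not list 10 at all; this is inferred from the comment text only, since the service-side behaviour is not visible here. A sentence after the Critical bullet, such as `# Criteria created against the earlier High range (7-9) should be reviewed so that severities 9 and 10 are still matched.`, would make that explicit. The new `# * **Critical**: ...` line is also followed directly by `# For more information, ...`; a bare `#` line between them would keep that sentence out of the list item when the comment is rendered. The comment block starts and ends outside the hunk.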